The Telecom Italia Mobile (or TIM) web portal is susceptible to cross-site scripting attacks.
Secunia Security Advisory - A vulnerability with unknown impact has been reported in various Hitachi products.
Secunia Security Advisory - FiSh has discovered a vulnerability in CMScout, which can be exploited by malicious users to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in the Drupal LoginToboggan module, which can potentially be exploited by malicious users to conduct script insertion attacks.
Secunia Security Advisory - Justin Seitz has discovered a vulnerability in Ipswitch WS_FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in Hitachi TP1/Server Base, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Brad Hill has reported a vulnerability in IAIK XSECT, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/NETM/DM Manager, which can be exploited by malicious users to conduct SQL injection attacks.
Secunia Security Advisory - RedTeam Pentesting has reported some vulnerabilities in activeWeb contentserver, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, or conduct SQL injection and script insertion attacks, and by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Marc Ruef has reported a vulnerability in SiteScape Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
SiteScape Forum versions prior to 7.3 suffer from an input validation flaw that allows for arbitrary JavaScript insertion.
CMScout versions 1.23 and below suffer from a SQL injection vulnerability.
MKPortal NoBoard BETA is susceptible to a remote file inclusion vulnerability.
iSEC Partners and Brad Hill are pleased to announce the availability of a new whitepaper describing design flaws and new attacks against the XML Digital Signature and XML Encryption standards. It accompanies recent advisories and provides detailed guidance for auditors and implementers of these products.
Technical Cyber Security Alert TA07-193A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Apple QuickTime version 7.2 resolves these vulnerabilities.
iDefense Security Advisory 07.12.07 - Local exploitation of a race condition vulnerability in Red Hat Inc.'s Enterprise Linux init.d XFS script allows an attacker to elevate their privileges to root. iDefense has confirmed the existence of this vulnerability in Red Hat Enterprise Linux version 4, and Fedora Core 6. Other versions may also be affected.
FreeBSD Security Advisory - Several problems have been found in the libarchive code used to parse the tar and pax interchange formats. These include entering an infinite loop if an archive prematurely ends within a pax extension header or if certain types of corruption occur in pax extension headers, dereferencing a NULL pointer if an archive prematurely ends within a tar header immediately following a pax extension header or if certain other types of corruption occur in pax extension headers, and miscomputing the length of a buffer resulting in a buffer overflow if yet another type of corruption occurs in a pax extension header.
G-Mail POP3 brute forcing script written in Python.
SecureBlackBox arbitrary data write exploit that makes use of PGPBBox.dll version 5.1.0.112.
Symantec Norton Security suffers from a local privilege escalation vulnerability in symTDI.sys. Exploit included.
Remote SQL injection exploit for the reviews and gallery modules of MkPortal versions 1.1.1 and below.
PsNews version 1.1 suffers from a local file inclusion vulnerability in show.php.
PHP version 5.2.3 bz2 com_print_typeinfo() remote denial of service exploit.
The Evolutionary Fuzzing System (EFS) is a fuzzer that attempts to eliminate the traditional practice of building a new fuzzer for each protocol by dynamically learning a protocol using code coverage and other feedback mechanisms.
GPF is a fuzzer that provides developers, security researchers, and quality assurance professionals the capability to quickly search for bugs/vulnerabilities in the exposed interface of networked applications. GPF uses captured packet sessions (from libpcap) to construct a protocol description from real traffic. Users can then configure various types of injected faults, manually modify the capture file, and define custom functions to deal with dynamic data.